• The Journal of the Korea Contents Association
• /
• v.13 no.12
• /
• pp.568-574
• /
• 2013

In recent years, IT companies offer various cloud services using hardware-based technologies or software-based technologies. User can access these cloud services without the constraints of location or devices. The technologies are virtualization, provisioning, and big data processing. However, security incidents are constantly occurring even with these techniques. Thus, many companies build and operate private cloud service to prevent the leak of critical data. If virtual environment are different according to user permission, many system are needed, and user should login several virtual system to execute an program. In this paper, I suggest the access control method for application software on virtual operating system using the Open Authentication protocol in the Cloud system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.343-361
• /
• 2015

The financial industry in South Korea has witnessed a paradigm shift from selling traditional loan/deposit products to diversified consumption channels and financial products. Consequently, personification of financial services has accelerated and the value of finance-related personal information has risen rapidly. As seen in the 2014 card company information leakage incident, most of major finance-related information leakage incidents are caused by personnel with authorized access to certain data. Therefore, it is strongly required to confirm whether there are problems in the existing access control policy for personnel who can access a great deal of data, and to complement access control policy by considering risk factors of information security. In this paper, based on information of IT personnel with access to sensitive finance-related data such as job, position, sensitivity of accessible data and on a survey result, we will analyze influence factors for personnel risk measurement and apply data access control policy reflecting the analysis result to an actual case so as to introduce measures to minimize IT personnel risk in financial companies.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.192-193
• /
• 2014

Attendant services (user) roles (Role) and act on the data used should be based access control and permissions. Large amounts of important information to view and change the pre-approval must be acquired. Non-constant time for the session must control actions.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.282-285
• /
• 2007

최근 금융, 공공기관 등에서 개인 정보 유출이 빈번해짐에 따라 사회적으로 심각한 문제가 발생하고 있다. 한국산업기술진흥협회의 조사에 따르면, 이런 정보 유출이 외부의 불법적 시스템 침입으로 인해 발생하는 것보다, 대부분 데이터 접근이 인가된 내부자 소행으로 나타나고 있다. 이는 데이터베이스의 보안 취약성으로 인해, 내부의 비인가자 또는 인가자의 데이터 접근에 대한 통제 정책이 제대로 이루어지지 않기 때문이다. 이에 따라, 본 논문에서는 클라이언트에서 데이터베이스 서버로 요청되는 네트워크상의 패킷 분석을 통한 데이터베이스의 접근통제방법을 제안한다. 제안된 보안모델에서는, 사용자 정보 및 SQL 의 위 변조를 방지하기 위해서 공개키 인증과 메시지 인증코드 교환으로 무결성을 확보하였다. 또한 권한별 테이블의 컬럼 접근통제를 확장하기 위해서 데이터 마스킹 기법을 구현하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.781-784
• /
• 2009

IPTV, which is convergence of Communication and Broadcasting, has improved quickly recently. This service can provide high quality and various services to their customers, such as choosing channels freely, VOD and many kinds of Interactive service. As the technology of IPTV rapid development, more and more people worry about its disadvantages during the spread and apply, for instance, the illegal application, illegal copy, access authority abuse and the danger of the IPTV contents. This paper will provide the solution to solve these problems, through the Public Key Certificate of PKI(Public Key Infrastructure) and the Attribute Certificate of PMI(Privilege Management Infrastructure).

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• v.1
• /
• pp.81-87
• /
• 2006

해상교총관제는 해상운송에서의 운영적 ${\cdot}$ 환경적 위험을 강소시키기 위한 수단으로써 전 세계 여러 주요 항만과 수역에서 이용되고 있다. 현재 각 국에서는 자국연안에서의 선박통제제도를 적극적으로 실시하고 있으며, 해운의 활성화와 더불어 항만의 안전성 확보를 위하여 각국은 VTS에 관한 국내법을 제정하여 이를 시행하고 있다. 우리나라도 VTS와 관련하여 여러 규정들을 두고 있으나 각 개별입법 내에 산재해 있는 실정이며, VTS를 운영하는 관제요원의 책임과 권한을 명확하게 규정하고 있지 아니하다. 이에 향후 VTS 운영과 관련한 법제의 정비에 관한 논의를 촉진시키는 선행연구로써 현행 VTS 운영과 관련한 법적 문제점을 지적하고 개선방향을 제시한다. 우선 VTS 관제범위에 관한 논의는 국제법적 측면의 법리 정토가 필요하리라 생각되며, VTS 관제요원의 권한과 책임에 있어 적극적 관제에 대한 개념의 정립과 더불어 관제요원의 재인책임과 중과실 경과실에 대한 해상고유의 특성을 반영한 해석이 되어야 할 것으로 생각된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.47-58
• /
• 2002

The access control techniques, which can control unauthorized members to access to multicast service, have not been studied very often while there are a lot of on-going study on secure multicast architecture, multicast key distribution and sender authentication scheme have been studied. Multi level access control scheme in multicast can be used in a remote secure conference or to provide graduated multimedia services to each customers. In fact, multicast network has its own virtual networks according to different security levels. However, Early schemes are not effective when it protects unauthorized access in multi-access network environment. Furthermore this scheme does not provide us with hierarchical access control mechanism. This paper, therefore, proposes hierarchical access control scheme to provide the effectiveness in network layer by security level comparison. And we also suggests hierarchical key distribution scheme for multi level access control in application layer and effective hierarchical key renewal scheme in dynamic multicast environment which is easy to join and leaving the multicast group.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.109-114
• /
• 2012

Information society in recent times, lots of important information have been stored in information systems. In this situation, unauthorized person can obtains important information by piggy-backing and shoulder surfing in specific area of organization. Therefore, in this study, we proposed network group access control system by combining RFID and infrared-ray for blocking information leakage due to unauthorized access by internal threats and enhancing personnel security. So it can provides a more secure internal network environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.10
• /
• pp.1405-1411
• /
• 2018

This paper designs access control system for MS-word(Microsoft-word) document system. The system designed in this paper uses the document-related information by analyzing the MS-word document structure. It is designed to block access to users who can not access the modified information by partially modifying MS-word document information. This makes it impossible to read documents other than those who have access to the MS-word document. This allows you to control access to the MS-word document. A user with access to the MS-word document will be able to retrieve the modified information back to the original information so that the document can be read normally. In this paper, we design and implement experiments. In the experiment, we performed document access if MS-word document information was modified. Experimental results show that the MS-word access control system operates normally.

• Korean Journal of Social Welfare Studies
• /
• v.45 no.2
• /
• pp.327-347
• /
• 2014

The purpose of this article is to explore the strength of user's right in service delivery process, and focuses on two areas. First one is to discuss the necessity which the process of service delivery will be changed from supplier-oriented system to user-oriented one, in order to strengthen user's right, especially in terms of choice and control. It can be facilitated by the abolishing of classification of disability. Second one is to introduce direct payments which money is directly given to user, instead of being given to supplier. This article also stresses that there is possibility of setting up direct payments because voucher system, a precursor of direct payments, is widely settled down for social service area in Korea.